WordPress 4.7.3 Security and Maintenance Release – Upgrade NOW

Last updated on
Share
Tweet
Share
Email

WordPress 4.7.3 is now available. It is the third in a series of recent security releases for WordPress core and we strongly encourage you to upgrade now.

This new 4.7.3 core release fixes three Cross-Site Scripting vulnerabilities:

  • Cross-site scripting (XSS) via media file metadata.
  • Cross-site scripting (XSS) via video URL on YouTube embeds.
  • Cross-site scripting (XSS) via taxonomy term names.

It also fixed the following additional security issues:

  • Control characters can trick redirect URL validation.
  • Unintended files can be deleted by administrators using the plugin deletion functionality.
  • Cross-site request forgery (CSRF) in “Press This” leading to excessive use of server resources.

In addition to the security issues above, it includes 39 maintenance fixes to fix a range of non-security related issues.

These security and maintenance releases should not be taken for granted. If you have not upgraded to version 4.7.3, we highly encourage you to do so right now!

That’s all, enjoy.

Let me know your thoughts in the comment section below.

Share
Tweet
Share
Email
Our Most Popular Post Right Now!
Disclosure: Some of the links on this site are “affiliate links”, which allow me to earn a small referral payment if you choose to purchase the product or service.

2 Responses

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recommended Book: WordPress All-in-One For Dummies
Subscribe to Blog via Email
Enter your email address to subscribe to this blog and receive notifications of new posts by email.
This field is for validation purposes and should be left unchanged.

Don’t worry, we hate spam as much as you do.
Do you need help setting up WordPress?
I can help you with blog and site setup, full website build, performance & security, maintenance and support, and many more.
Recommended Web Hosting